selinux: invoke selinux_set_callback(3) more type-safe

(cherry picked from commit 57e70396dfdc6835c4a9141d29043e4af407205d)
(cherry picked from commit c259b1b6da788964dd9a92f6ff0cfe02f62c0af8)

diff --git a/src/core/selinux-access.c b/src/core/selinux-access.c
index 18f6fb59bc0a0a75b17799032dcc887940937c99..83ec313e58ecf382aa5dcfafa8abc3569d511cc2 100644 (file)
--- a/src/core/selinux-access.c
+++ b/src/core/selinux-access.c
@@ -162,8 +162,8 @@ static int access_init(sd_bus_error *error) {
                 return sd_bus_error_setf(error, SD_BUS_ERROR_ACCESS_DENIED, "Failed to open the SELinux AVC: %s", strerror_safe(saved_errno));
         }
 
-        selinux_set_callback(SELINUX_CB_AUDIT, (union selinux_callback) audit_callback);
-        selinux_set_callback(SELINUX_CB_LOG, (union selinux_callback) log_callback);
+        selinux_set_callback(SELINUX_CB_AUDIT, (union selinux_callback) { .func_audit = audit_callback });
+        selinux_set_callback(SELINUX_CB_LOG, (union selinux_callback) { .func_log = log_callback });
 
         initialized = true;
         return 1;

diff --git a/src/core/selinux-setup.c b/src/core/selinux-setup.c
index 1ac05b81e8e9a19aa032f40db15e98a35d59e683..2bafbee3eb6a18f13fb7c89172a742b3fc71af60 100644 (file)
--- a/src/core/selinux-setup.c
+++ b/src/core/selinux-setup.c
@@ -30,16 +30,12 @@ int mac_selinux_setup(bool *loaded_policy) {
         usec_t before_load, after_load;
         char *con;
         int r;
-        static const union selinux_callback cb = {
-                .func_log = null_log,
-        };
-
         bool initialized = false;
 
         assert(loaded_policy);
 
         /* Turn off all of SELinux' own logging, we want to do that */
-        selinux_set_callback(SELINUX_CB_LOG, cb);
+        selinux_set_callback(SELINUX_CB_LOG, (union selinux_callback) { .func_log = null_log });
 
         /* Don't load policy in the initrd if we don't appear to have
          * it.  For the real root, we check below if we've already